Security

While other enterprise application models require platform-specific
security measures in each application, the Java EE security environment enables
security constraints to be defined at deployment time. The Java EE platform
makes applications portable to a wide variety of security implementations
by shielding application developers from the complexity of implementing security
features.

The Java EE platform provides standard declarative access control rules
that are defined by the developer and interpreted when the application is
deployed on the server. Java EE also provides standard login mechanisms so
application developers do not have to implement these mechanisms in their
applications. The same application works in a variety of different security
environments without changing the source code.